extend withWww to philippeterson.com and coldairnetworks.com; drop fbksdigital
- philippeterson.com and coldairnetworks.com now use withWww, fixing the same www.* cert-mismatch problem that affected pdxdestiny.com - fbksdigital.com vhost removed (disabled for now) - ACME cyclic dependency list updated accordingly Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
parent
2624efbde8
commit
6e15ad142d
2 changed files with 67 additions and 105 deletions
|
|
@ -375,15 +375,15 @@ in {
|
||||||
systemd.services.nginx.after = lib.mkForce [
|
systemd.services.nginx.after = lib.mkForce [
|
||||||
"network.target"
|
"network.target"
|
||||||
"acme-selfsigned-coldairnetworks.com.service"
|
"acme-selfsigned-coldairnetworks.com.service"
|
||||||
"acme-selfsigned-fbksdigital.com.service"
|
"acme-selfsigned-www.coldairnetworks.com.service"
|
||||||
"acme-selfsigned-forge.quinefoundation.com.service"
|
"acme-selfsigned-forge.quinefoundation.com.service"
|
||||||
"acme-selfsigned-hyper.quineglobal.com.service"
|
"acme-selfsigned-hyper.quineglobal.com.service"
|
||||||
"acme-selfsigned-pdxdestiny.com.service"
|
"acme-selfsigned-pdxdestiny.com.service"
|
||||||
"acme-selfsigned-www.pdxdestiny.com.service"
|
"acme-selfsigned-www.pdxdestiny.com.service"
|
||||||
"acme-selfsigned-philippeterson.com.service"
|
"acme-selfsigned-philippeterson.com.service"
|
||||||
|
"acme-selfsigned-www.philippeterson.com.service"
|
||||||
"acme-selfsigned-riverside.coldairnetworks.com.service"
|
"acme-selfsigned-riverside.coldairnetworks.com.service"
|
||||||
"acme-selfsigned-vnc.quinefoundation.com.service"
|
"acme-selfsigned-vnc.quinefoundation.com.service"
|
||||||
"acme-selfsigned-webdav.philippeterson.com.service"
|
"acme-selfsigned-webdav.philippeterson.com.service"
|
||||||
"acme-selfsigned-www.philippeterson.com.service"
|
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
|
||||||
168
nixos/nginx.nix
168
nixos/nginx.nix
|
|
@ -41,109 +41,6 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
"fbksdigital.com" = {
|
|
||||||
enableACME = true; # Enable Let's Encrypt certificate for HTTPS
|
|
||||||
forceSSL = false; # Redirect HTTP to HTTPS?
|
|
||||||
addSSL = true;
|
|
||||||
|
|
||||||
root = "/dev/null";
|
|
||||||
|
|
||||||
locations."/" = {
|
|
||||||
extraConfig = ''
|
|
||||||
return 301 http://fbksdigital.lpages.co/fbksdigital/;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
};
|
|
||||||
"www.philippeterson.com" = {
|
|
||||||
enableACME = true;
|
|
||||||
forceSSL = false;
|
|
||||||
addSSL = true;
|
|
||||||
|
|
||||||
locations."/" = {
|
|
||||||
extraConfig = ''
|
|
||||||
return 301 https://philippeterson.com$request_uri;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
"philippeterson.com" = {
|
|
||||||
enableACME = true;
|
|
||||||
forceSSL = false;
|
|
||||||
addSSL = true;
|
|
||||||
|
|
||||||
root = "/etc/pullomatic/com_philippeterson";
|
|
||||||
|
|
||||||
locations."~ /.git(/.*)$ " = {
|
|
||||||
extraConfig = ''
|
|
||||||
deny all;
|
|
||||||
return 404;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
locations."/games/atcsim" = {
|
|
||||||
extraConfig = ''
|
|
||||||
return 301 /games/atcsim/;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
locations."~ ^/games/atcsim(/[^/\\s]*)*$" = {
|
|
||||||
extraConfig = ''
|
|
||||||
index index.html index.htm;
|
|
||||||
rewrite ^/games/atcsim/?$ "/index.html" break;
|
|
||||||
rewrite ^/games/atcsim(?<query>(/[^/\\s]*)*)$ "$query" break;
|
|
||||||
root /etc/pullomatic/atcsim;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
locations."/portfolio" = {
|
|
||||||
extraConfig = ''
|
|
||||||
return 301 /portfolio/;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
locations."~ ^/portfolio/" = {
|
|
||||||
extraConfig = ''
|
|
||||||
index index.html index.htm;
|
|
||||||
rewrite ^/portfolio/?$ "/index.html" break;
|
|
||||||
rewrite ^/portfolio(?<query>(/[^/\\s]*)*)$ "$query" break;
|
|
||||||
root /etc/pullomatic/my-portfolio;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
locations."~ ^/echo(?<query>((/[^/\\s]*)*))$" = {
|
|
||||||
extraConfig = ''
|
|
||||||
add_header Content-Type text/plain;
|
|
||||||
return 200 "$query";
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
locations."/" = {
|
|
||||||
extraConfig = ''
|
|
||||||
try_files $uri $uri.php $uri/ =404;
|
|
||||||
index index.php index.html index.htm;
|
|
||||||
rewrite ^/contact$ /contact.php last;
|
|
||||||
rewrite ^/resume$ /resume.php last;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
locations."~ \.php$" = {
|
|
||||||
extraConfig = ''
|
|
||||||
include ${pkgs.nginx}/conf/fastcgi.conf;
|
|
||||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
|
||||||
fastcgi_pass unix:${config.services.phpfpm.pools.main.socket};
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"coldairnetworks.com" = {
|
|
||||||
enableACME = true;
|
|
||||||
forceSSL = false;
|
|
||||||
addSSL = true;
|
|
||||||
|
|
||||||
locations."/" = {
|
|
||||||
proxyPass = "http://127.0.0.1:3012/";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
"blog.quineglobal.com" = {
|
"blog.quineglobal.com" = {
|
||||||
enableACME = false;
|
enableACME = false;
|
||||||
|
|
@ -271,6 +168,71 @@
|
||||||
forceSSL = false;
|
forceSSL = false;
|
||||||
addSSL = true;
|
addSSL = true;
|
||||||
root = pdxDestinyRoot;
|
root = pdxDestinyRoot;
|
||||||
|
}) // (withWww "philippeterson.com" {
|
||||||
|
enableACME = true;
|
||||||
|
forceSSL = false;
|
||||||
|
addSSL = true;
|
||||||
|
root = "/etc/pullomatic/com_philippeterson";
|
||||||
|
locations."~ /.git(/.*)$ " = {
|
||||||
|
extraConfig = ''
|
||||||
|
deny all;
|
||||||
|
return 404;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
locations."/games/atcsim" = {
|
||||||
|
extraConfig = ''
|
||||||
|
return 301 /games/atcsim/;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
locations."~ ^/games/atcsim(/[^/\\s]*)*$" = {
|
||||||
|
extraConfig = ''
|
||||||
|
index index.html index.htm;
|
||||||
|
rewrite ^/games/atcsim/?$ "/index.html" break;
|
||||||
|
rewrite ^/games/atcsim(?<query>(/[^/\\s]*)*)$ "$query" break;
|
||||||
|
root /etc/pullomatic/atcsim;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
locations."/portfolio" = {
|
||||||
|
extraConfig = ''
|
||||||
|
return 301 /portfolio/;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
locations."~ ^/portfolio/" = {
|
||||||
|
extraConfig = ''
|
||||||
|
index index.html index.htm;
|
||||||
|
rewrite ^/portfolio/?$ "/index.html" break;
|
||||||
|
rewrite ^/portfolio(?<query>(/[^/\\s]*)*)$ "$query" break;
|
||||||
|
root /etc/pullomatic/my-portfolio;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
locations."~ ^/echo(?<query>((/[^/\\s]*)*))$" = {
|
||||||
|
extraConfig = ''
|
||||||
|
add_header Content-Type text/plain;
|
||||||
|
return 200 "$query";
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
locations."/" = {
|
||||||
|
extraConfig = ''
|
||||||
|
try_files $uri $uri.php $uri/ =404;
|
||||||
|
index index.php index.html index.htm;
|
||||||
|
rewrite ^/contact$ /contact.php last;
|
||||||
|
rewrite ^/resume$ /resume.php last;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
locations."~ \.php$" = {
|
||||||
|
extraConfig = ''
|
||||||
|
include ${pkgs.nginx}/conf/fastcgi.conf;
|
||||||
|
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||||
|
fastcgi_pass unix:${config.services.phpfpm.pools.main.socket};
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
}) // (withWww "coldairnetworks.com" {
|
||||||
|
enableACME = true;
|
||||||
|
forceSSL = false;
|
||||||
|
addSSL = true;
|
||||||
|
locations."/" = {
|
||||||
|
proxyPass = "http://127.0.0.1:3012/";
|
||||||
|
};
|
||||||
});
|
});
|
||||||
|
|
||||||
# Optionally configure additional options
|
# Optionally configure additional options
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue